Home / Vulnerability Intelligence / CVE-2026-35547

CVE-2026-35547 - Vulnerability Analysis

CriticalCVSS: 9.1

Last Updated: April 30, 2026

libnv - Privilege Escalation

Published: April 30, 2026Updated: April 30, 2026Remote Exploitable

Overview

libnv contains a heap buffer overflow caused by improper validation of incoming message header size, letting unprivileged users potentially elevate privileges or cause system crash, exploit requires crafted message.

Severity & Score

Severity: Critical

CVSS Score: 9.1

EPSS Score: 0.0%(Probability of exploitation in next 30 days)

Impact

Unprivileged users can cause system crash or elevate privileges by exploiting heap buffer overflow.

Mitigation

Update to the latest version with proper message size validation.

References

https://security.freebsd.org/advisories/FreeBSD-SA-26:17.libnv.asc

Social Media Activity(2 posts)

Graham Perrin

@grahamperrin

Apr 30, 2026

@thesaigoneer thanks! Looking at the various credits … 1/ CVE-2026-35547 <https://www.cve.org/CVERecord?id=CVE-2026-35547> FreeBSD-SA-26:17.libnv <https://security.freebsd.org/advisories/FreeBSD-SA-26:17.libnv.asc> credited to Mariusz Zaborski. <https://papers.freebsd.org/author/mariusz-zaborski/> is currently empty (<https://github.com/freebsd/freebsd-papers/issues/152> relates), should probably comprise: <https://papers.freebsd.org/2016/asiabsdcon/oshogbo-capsicum_and_casper/> <https://papers.freebsd.org/2019/bsdcan/zaborski-building_a_security_appliance_based_on_freebsd/> Cc @jloc0 @ascreen @garyhtech

View original post

Graham Perrin

@grahamperrin

Apr 30, 2026

View original post

Related Resources

Details

CVE ID: CVE-2026-35547
Severity: Critical
CVSS Score: 9.1
Type: out_of_bounds_rw
Status: unconfirmed
EPSS: 0.0%
Social Posts: 2

CWE

CWE-122

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

EPSS Score

0.0%Probability of exploitation in the next 30 days